Detections
Analytics
Mac OS X Fraudulent DigiNotar Digital Certificates (Security Update 2011-005)
medium Nessus Plugin ID 56141
Language:
Synopsis
The remote Mac OS X host contains support for an untrusted certificate authority.Description
The remote host is running a version of Mac OS X 10.6 or 10.7 that does not have Security Update 2011-005 applied. Due to the issuance of several fraudulent SSL certificates, this security update removes DigiNotar from the list of trusted root certificates as well as the list of Extended Validation (EV) certificate authorities. It also configures default system trust settings so that DigiNotar's certificates, including those issued by other authorities, are not trusted.Solution
Install Security Update 2011-005 or later.See Also
http://support.apple.com/kb/HT4920
http://lists.apple.com/archives/security-announce/2011/Sep/msg00000.html
Plugin Details
Severity: Medium
ID: 56141
File Name: macosx_SecUpd2011-005.nasl
Version: 1.4
Type: local
Agent: macosx
Family: MacOS X Local Security Checks
Published: 9/9/2011
Updated: 5/28/2024
Supported Sensors: Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/o:apple:mac_os_x:10.6, cpe:/o:apple:mac_os_x:10.7
Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, Host/uname, Host/MacOSX/packages
Patch Publication Date: 9/9/2011
Vulnerability Publication Date: 8/29/2011